Session 2b, 26th
October 2011 eChallenges e-2011 Copyright 2011 SAP Research
Auditing Issues for Cloud-based
Business Services
Jonathan Sinclair
SAP Research Belfast
UK
Agenda
• Fundamentals of Cloud, Compliance and Auditing
• Cloud Compliance Challenges
• Use Case: Future Healthcare and CRM
• Compliance Auditing
• Conclusions
Fundamentals
Compliance: Compliance is defined as being in accordance with relevant governmental or industrial laws, regulations and standards through governance processes.
Business Web: A business model and technical framework that represents a marketplace allowing providers and consumers to negotiate the usage of products.
Cloud Computing: Clouds are a large pool of easily usable and accessible virtualized resources that can be dynamically reconfigured to adjust to a variable load.
Auditing: The process of collecting and evaluating evidence to determine whether a computer system (information system) safeguards assets, maintains data integrity, achieves organizational goals effectively and consumes resources efficiently.
Motivation, Problem Area
An undefined problem has an infinite number of solutions
Robert A. Humphrey
[Diagram. Entities: Government, Regulator, Legislation, Regulation, Businesses, IT Department, Customer Data, Auditor, Governance, Compliance, Compliance Check, Compliance Report. Relationship labels: creates; have to comply with; store and are responsible for; use IT to improve operations.]
Research Objectives
• The locality of data is of key importance to adhere to legislation
  ◦ Cross-jurisdictional conflicts
  ◦ Performance and Availability
  ◦ Disaster Recovery and Backup
• Multi-tenancy and data accessibility
  ◦ Company Multi-tenancy
  ◦ Systems Multi-tenancy
• Data Retention
  ◦ Retaining data in the Cloud
  ◦ Retaining data from the Cloud
The greatest challenge to any thinker is stating the problem in a way that will allow a solution.
Bertrand Russell
Research Approach, Methodology
[Diagram. Labels: Cloud, Auditor.]
Most human beings have an almost infinite capacity for taking things for granted
Aldous Huxley
Major Outcomes/Results
A complex system that works is invariably found to have evolved from a simple system that works
John Gaule
Conclusion and Outlook
• Ensure the security of consumers' data
• Maintain compliance with data security / privacy laws
• Assure that service providers, integrators or composers cannot
  ◦ access data within a consumer's service
  ◦ transfer data from a consumer's service
A conclusion is the place where you got tired of thinking
Harold Fricklestein
Thank You!
Jonathan Sinclair
Research Associate
SAP Research Belfast
SAP [UK] Ltd
The Concourse, Queens Road
Queens Island, Titanic Quarter
Belfast BT3 9DT
T +44 (0)28 9078 5749
E jonathan.sinclair@sap.com
Blogger:
cloudauditing.blogspot.com
LinkedIn:
jonathangsinclair
Twitter:
jonnygsinclair
SlideShare:
jonathansinclair86
